Top IT Security Bloggers

  • Microsoft Patch Tuesday – July 2016

    Symantec Security Response Blogs
    This month the vendor is releasing 11 bulletins, five of which are rated Critical.
  • Fake Pokémon GO app watches you, tracks you, listens to your calls

    Sophos - Naked Security
    Pokémon GO not available in your country yet? Trying to get it unofficially? Be careful out there...
  • Rigged YouTube videos can use Siri and Google Now to hijack your phone

    Sophos - Naked Security
    Researchers have demonstrated that "hidden" voice commands can trick voice-activated assistants into doing things like downloading malware.
  • Facebook tests end-to-end encrypted Secret Conversations on Messenger

    Sophos - Naked Security
    Facebook swears it can't read the messages unless a conversation gets reported. Users can also set a timer for message self-destruct.
  • French Dark Bets: Betting On Euro 2016

    Trend Micro - Security Intelligence
    While French underground marketplaces are typically located in the "Dark Web", recently they ventured out onto YouTube to advertise the newest addition to their services: online gambling.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
  • Billion-dollar scams: The numbers behind BEC fraud

    Symantec Security Response Blogs
    More than 400 companies are targeted with BEC scams every day. Find out more and learn how to stay protected.
    Business email compromise (BEC), or CEO fraud, continues to be the bane of companies in 2016. BEC scams are low-tech financial fraud in which spoofed emails from CEOs are sent to financial staff to request large money transfers. While they require little expertise and skill, the financial rewards for the fraudsters can be high.
  • Privacy warning over Pokémon Go app for iOS as it grabs full access to players' Google accounts

    Graham Cluley
    As if there weren't enough headlines about malicious bogus Pokémon Go apps for Android, and thieves using the game to ambush and rob unsuspecting players, privacy concerns have now been raised about the iOS edition of the app.
    Adam Reeve found that players of the iOS version of Pokémon Go who signed into the app via Google were unwittingly giving the Nintendo game - developed by Niantic - full access to their Google account:
    Let me be clear - Pokemon Go and Niantic can now:

    Read all your email
    Send email as you
    Access all your Google drive documents (including deleting them)
    Look at your search history and your Maps navigation history
    Access any private photos you may store in Google Photos
    And a whole lot more

    And they have no need to do this - when a developer sets up the “Sign in with Google” functionality they specify what level of access they want - best practices (and simple logic) dictate you ask for the minimum you actually need, which is usually just simple contact information.
    Other players of Pokémon Go - including popular security tweeter @SwiftOnSecurity - confirmed that the app had grabbed full access to their Google accounts.
    I like to imagine this is a cockup rather than a conspiracy, and that the game's developers do not have any malicious intent, but this really doesn't sound good at all.
    Hopefully a new fixed version of the Pokémon Go app for iOS will be released sooner rather than later.
    In the meantime, players may wish to revoke the game's access to their Google account.
  • Security analyst banned for disclosing vulnerabilities in web forums

    Graham Cluley
    Is NeighbourNet taking reports of vulnerabilities in its platform seriously?
    David Bisson reports.
  • Serial Swatter, Stalker and Doxer Mir Islam Gets Just 1 Year in Jail

    Krebs on Security
    Mir Islam, a 21-year-old Brooklyn man who pleaded guilty to an impressive array of cybercrimes including cyberstalking, "doxing" and "swatting" celebrities and public officials (as well as this author), was sentenced in federal court today to two years in prison. Unfortunately, thanks to time served in this and other cases, Islam will only see a year of jail time in connection with some fairly heinous assaults that are becoming all too common.
